6

I've been experimenting with moving my seedbox into a Docker container and I think I'm up against a chicken/egg problem:

The current seedbox setup has OpenVPN running (all internet goes through the VPN) through privateinternetaccess.com. I have a script (https://github.com/firecat53/pia_transmission_monitor) that checks with PIA for the assigned forwarded port and then updates transmission-daemon accordingly with the port and bind address.

The problem is that the assigned forwarded port is checked hourly and it can change at any time...and I need to know the port before running the Docker container so I know which ports to pass through to/from the container. I was intending to run OpenVPN inside the container as well, but without knowing in advance which port to assign to the container I'm not sure this is going to work.

A very hackish solution could be to run OpenVPN and another Docker daemon inside one container, then run the transmission container inside the OpenVPN container. This seems waay to complex though so I haven't actually tried it yet.

Am I missing something really obvious here? Any other ideas?

Thanks!

Scott

Scott Hansen
  • 762
  • 6
  • 8

4 Answers4

2

I finally managed to get Transmission-daemon running inside the Docker container through an OpenVPN connection to Privateinternetaccess.com.

Here is the Dockerfile and the various configuration files and scripts needed to make this work. I'm open to any simplifications and/or alternate ways of achieving this! Some notes:

  1. OpenVPN requires running the container with the --privileged flag in order to create the tun0 connection.

  2. I could only make it work right by using Pipework along with a bridge on the host to give the container it's own IP address on the network.

Scott Hansen
  • 762
  • 6
  • 8
0

Would it help to set the Docker-assigned port with -p <publicport>:<containerport>?

E.g., assuming that transmission listens on port 10000 inside the container, you could tell Docker "hey, expose that on port 1234, will you?" by doing docker run -p 1234:10000 …

jpetazzo
  • 14,874
  • 3
  • 43
  • 45
  • That has to be done anyways...the problem is you don't know what the assigned forwarded port will be from privateinternetaccess.com until _after_ you run the port forwarding script inside the openvpn container. Therein lies the issue.... – Scott Hansen Jan 14 '14 at 20:28
0

I would look for a generic socket proxy that could copy all traffic to/from the dynamically-assigned port to one that you statically use. E.g. 

$ docker run -p 1000 your_container /bin/bash
# PORT=$(pia_setup_script)
# proxy_command 1000 $PORT

Of course you can make this more elegant, but that's the general concept

Hamy
  • 20,662
  • 15
  • 74
  • 102
0

Something worth checking out along some of the same lines, though missing the vpn portion, which is nice btw. When the cycles arise I think someone will add it.

https://github.com/Ohge/Docker-TransHeadCouchRage

user2636268
  • 1
  • 1